151497d23f5ed926e2b6059391082d4b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

151497d23f5ed926e2b6059391082d4b_JaffaCakes118
Size

27KB
MD5

151497d23f5ed926e2b6059391082d4b
SHA1

e71eecb0a697f95a2cc2154c7935cfa5239d0128
SHA256

974d87ba75a4b8fd294580c3b684ce1b9e42b9b638baf962b74c64f3cccb3893
SHA512

15d12e492126cb5eba83f807d83e1d0a6dfe9f071f46fc0a65f0d83e824396138fd2b3736c9498fcb608dc053a2da2e26d37bf50f3ad1ba78de31ce23bc55ddb
SSDEEP

768:7qfO4PXjiEScwzsj3Ye64s9v6gDqP0mS9ngmepUZ:Gw5zsbYmgi0gmeUZ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
151497d23f5ed926e2b6059391082d4b_JaffaCakes118
unpack001/out.upx

Files

151497d23f5ed926e2b6059391082d4b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ